Chairman Graham, members of the Subcommittee, thank you for the opportunity to submit this statement on behalf of Campaign for Liberty’s three quarters of a million members. The recent cyber-attack on the Office of Personnel Management (OPM), which put as many as 18 million current and retired federal employees at risk of identity theft, has brought renewed focuses on the need to for the government to adequately protect the personal information collected and stored in federal computer systems.

The OPM hack is just the latest example of the government's failure to adequately protect private information from cyber-attacks. Another such incident occurred in 2012, when the Veterans Administration inadvertently released the personal information of 2,200 veterans.

Increased risk of identity theft is also one of the many problems with the Healthcare.gov website. In 2014, the Inspector General for Tax Administration of the Internal Revenue Service (IRS) testified that he “remains concerned about the protection of confidential taxpayer data” the IRS is required to collect in order to enforce the Affordable Care Act’s individual mandate. Some security experts have even suggested that Healthcare.gov be renamed “IdentityTheft.gov.”

Considering the large amount of information collected by the federal government to run federal programs ranging from tax collection, to health care, to education, the security of federal data systems is an issue that should concern every American. The risk of identity theft is yet another reason why all federal programs that violate the Constitution and/or infringe on free markets and individual liberty should be eliminated.

The need to enhance the security of personal information collected and stored by the government should not be used as an excuse to “modernize our legal framework" by further eroding the people's liberties. Sadly, but not surprisingly, Congress seems poised to do just that by passing the Cyber Security Information Sharing Act (CISA) of 2015. CISA would, as its name suggest, provide new authority to federal agencies to share information with other federal agencies.

CISA also allows federal agencies to obtain information on private citizens from Internet Service Providers (ISPs). Companies which share their customers' private information with the government would be protected from legal liability. This grant of immunity will likely encourage companies to overshare their customers’ private information with the government.

As currently written, CISA would allow the government to obtain information from ISPs for purposes not having anything to do with cybersecurity. In addition, CISA explicitly authorizes the use of information obtained without a warrant or a showing of probable cause to investigate crimes not related to cybersecurity, such as those involving “economic harm.”

By giving the government another justification to violate the Fourth Amendment, CISA erodes both our liberty and security. It should thus be opposed by all those who recognize the growth of the surveillance state is one of, if not the, major threats to American liberty.

CISA is not the only legislation expanding the surveillance state that Congress may consider this year. Senator Graham’s Restoration of America’s Wire Act, S. 1668, more accurately named he iGaming Ban, represents a major threat to individual liberty, constitutional government, and cybersecurity. S. 1688 makes it a federal crime to gamble online. By making online gambling a federal crime, this legislation gives the federal government a new excuse to monitor our online activities.

By nullifying state laws in the three states that allow online gambling, as well as pre-empting debate in the several states that are currently considering allowing their citizens to gamble online, the iGaming Ban violates the Tenth Amendment. Proponents of this bill argue the federal government needs to impose a nationwide ban on iGaming in order to protect the integrity of states who have outlawed Internet gambling. The argument turns federalism on its head. The Tenth Amendment was put in the Constitution to protect Americans from excessive federal power grabs, not to justify new federal crimes.

A federal iGaming Ban undermines online security and safety. Passage of RAWA will not end people’s desire to gamble online. Americans wishing to gamble online will patronize offshore casinos. These casinos could be run by criminals or even terrorists. An offshore casino run by a criminal group (or even a foreign country) is unlikely, to say the least, to care about complying with state laws prohibiting their citizens from gambling online. These criminally-controlled casinos could also be used as a vehicle for identity theft and other cybercrimes.

Cybersecurity should not be used as a justification for further infringements of our Fourth Amendment rights. This Congress should reject the unconstitutional and anti-liberty Cyber Security Information Act. Congress should also reject proposals to restrict the American people’s online activities, such as the so-called Restoration of America’s Wire Act, which should be called the iGaming Ban. Not only does this legislation violate the Constitution and increase the surveillance state by driving the online gambling businesses offshore, the iGambing Ban will increase the risk that Americans are victimized by identity theft and other cybercrimes.

Instead of using cybersecurity as an excuse to take away more of our liberties, Congress should find ways to enhance government's ability to protect the security information collected on private citizens. The best way to do this is to repeal all other programs that authorize the government to collect and store American’s personal information.